Published: 2022/08/24  Last Updated: 2022/08/24

Information from Six Apart Ltd.

Vulnerability ID:JVN#57728859
Title:Movable Type XMLRPC API vulnerable to command injection

This is a statement from the vendor itself with no modification by JPCERT/CC.

Six Apart recommends that you upgrade to the latest version or execute workaround. Please see the news: Movable Type 7 r.5301 (v7.9.5), v6.8.7: Security update.